Optimizing Away JavaScript Obfuscation

09/19/2020
by   Adrian Herrera, et al.
0

JavaScript is a popular attack vector for releasing malicious payloads on unsuspecting Internet users. Authors of this malicious JavaScript often employ numerous obfuscation techniques in order to prevent the automatic detection by antivirus and hinder manual analysis by professional malware analysts. Consequently, this paper presents SAFE-Deobs, a JavaScript deobfuscation tool that we have built. The aim of SAFE-Deobs is to automatically deobfuscate JavaScript malware such that an analyst can more rapidly determine the malicious script's intent. This is achieved through a number of static analyses, inspired by techniques from compiler theory. We demonstrate the utility of SAFE-Deobs through a case study on real-world JavaScript malware, and show that it is a useful addition to a malware analyst's toolset.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
03/12/2019

Agent-based Vs Agent-less Sandbox for Dynamic Behavioral Analysis

Malicious software is detected and classified by either static analysis ...
research
05/02/2021

Python and Malware: Developing Stealth and Evasive Malware Without Obfuscation

With the continuous rise of malicious campaigns and the exploitation of ...
research
04/04/2018

Developing a K-ary malware using Blockchain

Cyberattacks are nowadays moving rapidly. They are customized, multi-vec...
research
06/27/2018

An Extensive Evaluation of the Internet's Open Proxies

Open proxies forward traffic on behalf of any Internet user. Listed on o...
research
08/04/2020

DAEMON: Dataset-Agnostic Explainable Malware Classification Using Multi-Stage Feature Mining

Numerous metamorphic and polymorphic malicious variants are generated au...
research
10/02/2021

Intensive Image Malware Analysis and Least Significant Bit Matching Steganalysis

Malware as defined by Kaspersky Labs is a type of computer program desig...
research
11/14/2020

HackerScope: The Dynamics of a Massive Hacker Online Ecosystem

Authors of malicious software are not hiding as much as one would assume...

Please sign up or login with your details

Forgot password? Click here to reset